From owner-freebsd-advocacy@FreeBSD.ORG Mon Jan 26 17:08:13 2004 Return-Path: Delivered-To: freebsd-advocacy@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E56F416A4CE for ; Mon, 26 Jan 2004 17:08:13 -0800 (PST) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5048643D39 for ; Mon, 26 Jan 2004 17:05:05 -0800 (PST) (envelope-from mike@adept.org) Received: from localhost (localhost [127.0.0.1]) by localhost.adept.org (Postfix) with ESMTP id F189315239 for ; Mon, 26 Jan 2004 17:03:42 -0800 (PST) Received: from fubar.adept.org ([127.0.0.1]) by localhost (fubar.adept.org [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id 80996-06 for ; Mon, 26 Jan 2004 17:03:42 -0800 (PST) Received: from adept.org (mojo.televoke.net [63.237.196.133]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by fubar.adept.org (Postfix) with ESMTP id 3870A15440 for ; Mon, 26 Jan 2004 17:03:42 -0800 (PST) Message-ID: <4015B8ED.4060006@adept.org> Date: Mon, 26 Jan 2004 17:03:41 -0800 From: Mike Hoskins User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.5) Gecko/20031110 X-Accept-Language: en-us, en MIME-Version: 1.0 To: advocacy@freebsd.org References: <000901c3a020$bdf1e490$2ffc2dd5@workstation> In-Reply-To: <000901c3a020$bdf1e490$2ffc2dd5@workstation> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: support needed to clone production machines X-BeenThere: freebsd-advocacy@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: FreeBSD Evangelism List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 27 Jan 2004 01:08:14 -0000 .VWV. wrote: > new DSL line in an isolated place. After all, America have decided to make > Europe as a second world, at the beginning of the last century. I live at > the margins of your empire. I live in a city where nobody cares of my > interests > for the true unix. I have learnt completely alone, with the only help of > your books. not sure what this means... since the project attempts translation of docs/web to various languages, has mirrors (web/doc/cvs) in various places around the globe, etc... what america has or has not done matters very little. the project itself doesn't try to exclude anyone. perhaps you are a minority in your city/etc -- welcome to life as a bsd user. :) i have been a part of that minority since 94/95 -- and i live in america! > I'm running FreeBSD for production purposes on a workstation I have built, > purchasing all of the components in the U.S. I'll need to clone exactly the > same machine on a similar hardware in the next future. The support for the > FreeBSD production systems abandones previous releases too fast. The ports > and the packages become too fast unavailable. how do you mean? you could pick some "deployment release" and track that (say 4.8 security branch, as only one random example). then your OS and related packages are at least not trying to "keep up" with the general release schedule... which is fast-paced for good reason. if you require further "stabalization" of installed packages/etc you may/probably want to build your own packages for commonly installed software, possibly even multiple "package sets" for your various host "categories" (webserver, database server, etc). more time spent coming up with a packaging scheme and managing the result means more stability, or at least seeing only changes you are comfortable with. > The scientific environment is in Europe often a chaos, many institutes often > purchase junk hardware in a total anarchy. that sounds like ".edu" everywhre i've seen it. money usually is NOT that available... so people make due with what they can attain. the commercial world is not so different these days. > It is quite impossible to clone production operating systems at a distance > of one year, does this mean you want to follow a process similar to this: a) install target OS/packages on host A b) wait one year c) install target OS/packages on host B (using same method) d) host B == host A i think you're going to need to head in this general direction: - pick a target release (say 4.8, probably not the newest release) - create a local CVS repository for that release (stable.yourdomain) - create a "gold" server where changes are applied (gold.yourdomain) - create local copies of any/all used software (your packages) - make/test all changes (OS/package/etc) on gold server - move changes to production servers after testing you can monitor a list like cvs-all or other sources to see exactly what's being done on freebsd.org's servers, and update your local repository as needed. when you update your local CVS repository, you update the gold server from there... if it is stable and you are OK with observed changes, you can then update other machines expecting only changes you have already seen on the gold server. new installs progress as usual, but pull sources from the gold server and only install packages installed there... so it's really possible and up to you to "insolate" yourself from undesirable changes... it just requires more time/work. as an example, i know people that follow a similar scheme because they must develop software that is based upon an old 2.2.x tree. some helpful URLs that may help you think about this problem and form possible solutions: http://www.infrastructures.org/papers/bootstrap/bootstrap.html http://www.openpkg.org http://www.freebsd.org/doc/articles/fbsd-from-scratch/index.html if you refine the "from scratch" method to suit your needs and build everything from a locally-controlled repository... then it follows you could control what a "fresh install" looks like. this sounds like what you are trying to do. the only thing i would add is that filesystem snapshots along with a "stable/trusted" gold server could probably be used to do something like this as well. along those lines, 5.x would be your friend. i have verified snapshots work quite well and as expected there... but not on a large scale unfortuneately (few machines). you would still make all changes on your "gold" server, but push those changes to other servers using filesystem snapshots. then you should have byte-for-byte consistency provided through a standardized, easy-to-use interface. granted, i have not tried this myself. ;) > Am I perhaps the only fanatic running FreeBSD where I live... I have tried > to donate my discs to several institutes or students, they have always been > scared of it. It's a common practice to run another well known unix variant. this is human behavior. evolution taught us "don't trust things that are different, they may eat you or your children. run away." only examples of stability/performance/security/etc will convince most people otherwise. (it is no different here. solaris has a strong following, sometimes for good reason... sometimes for superstitious ones!) it is good to know that examples of stability, security, etc. abound in the freebsd world. likewise, daily examples of microsoft's INstability, INsecurity, etc. also abound. > I am prepared for my usual dose of 'flames'. i think this is only the "language barrier"... good luck.